vulnerability

Oracle Linux: CVE-2020-25662: ELSA-2020-4685: kernel security update (IMPORTANT)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
3	(AV:A/AC:L/Au:N/C:P/I:N/A:N)	Nov 3, 2020	Nov 23, 2022	Dec 3, 2025

Severity

CVSS

(AV:A/AC:L/Au:N/C:P/I:N/A:N)

Published

Nov 3, 2020

Added

Nov 23, 2022

Modified

Dec 3, 2025

Description

A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.

Solution

oracle-linux-upgrade-kernel

References

CVE-2020-25662
https://attackerkb.com/topics/CVE-2020-25662
ELSA-ELSA-2020-4685
CWE-284
CWE-665

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report